It's all about timing

Presentation by Haroon Meer and Marco Slaviero at Black Hat USA in 2007.

This presentation is about timing attacks against web applications. Squeeza, a
SQLi tool developed by Marco Slaviero that returns data through various
channels (DNS, timing, HTTP error messages), is introduced. An attack called
Cross-site request timing is also discussed.